I just need to know if its possible and how. I had an incident once on a message board I frequented where someone's signature displayed info about my PC and internet connection to me rather than an actual artsy-fartsy signature. I'm not new to this, I saw that type of thing appear roughly a decade ago but circumstances regarding this person's actions are worrisome. I'm talking about what* else* did that particular signature execute? Did that sig send info back to that person's computer about my computer? I know this sounds paranoid...
Curious Gorge
21
Junior Poster in Training
Recommended Answers
Jump to PostYes, it's possible. If not handled properly many input text accept the <script> tag.
Then that JS is saved on the DB and when the signature is displayed the javascript could be executed also(again, if not properly handled by the developer).This is called XSS (Cross Site Scripting).
A simple …
Jump to PostImagine anything you can do with JS running on your page for everybody to see. Maybe even a redirect to a porn site :(
All 5 Replies
AleMonteiro
238
Can I pick my title?
Curious Gorge
21
Junior Poster in Training
diafol
Curious Gorge
21
Junior Poster in Training
diafol
Be a part of the DaniWeb community
We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.